network looks like this...

    LAN
    |
    |
    Firewall
    |
    |
    remote server ( A, B, C ) ---- router2 ----- router1 ----- route3 --- remote server (1, 2, 3 etc ) --- internet
    |
    Datacenter
    |
    (network)
    |
    remote server (x,y,z)
    |
    |
    internet

I want to access the HTTP server on "remote server x" from the LAN, without going through the internet. So what I did is set up DNAT on "remote server A", but somehow it's not working. This is my ruleset:

NAT

    -A PREROUTING -d serverA_IP -p tcp -m tcp --sport 1024:65535 --dport 81 -j DNAT --to-destination serverx_IP:80

FILTER

    -A INPUT -p tcp -s LAN_IP/24 --sport 1024:65535 -d serverA_IP --dport 81 -j LOG --log-prefix "INPUT packets:"
    -A FORWARD -d serverx_IP -p tcp -m tcp --sport 1024:65535 --dport 80 -m state --state NEW -j ACCEPT
    -A FORWARD -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
    -A FORWARD -p tcp -j LOG --log-prefix "FORWARD packets:"

TIA

jm
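
Added example, not part of the original post and not the poster's ruleset: a shell function that prints a least-privilege iptables-restore ruleset for the port forward described above. The function names and every address are constructed stand-ins for LAN_IP/24, serverA_IP and serverx_IP, and the SNAT rule assumes server x does not already route replies to the LAN back through server A.

```shell
#!/bin/sh
# Added example. Forwarding also needs net.ipv4.ip_forward=1 on server A.
# Parse-check without applying:
#   gen_rules 192.168.1.0/24 192.0.2.10 81 192.0.2.20 80 | iptables-restore --test

# valid_port PORT -> succeeds only for an integer in 1..65535
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# gen_rules LAN_CIDR A_IP A_PORT X_IP X_PORT
# Prints the ruleset for the forwarding host (server A); fails on a bad port.
gen_rules() {
    lan=$1 a_ip=$2 a_port=$3 x_ip=$4 x_port=$5
    valid_port "$a_port" && valid_port "$x_port" || return 1
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
# Destination is rewritten before routing, so the packet takes FORWARD, not INPUT.
-A PREROUTING -s $lan -d $a_ip -p tcp --dport $a_port -j DNAT --to-destination $x_ip:$x_port
# Assumption: server x has no return route to the LAN via A. Source-NAT the
# flow to A's address so replies come back through A and are un-NATed there.
-A POSTROUTING -s $lan -d $x_ip -p tcp --dport $x_port -j SNAT --to-source $a_ip
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# FORWARD sees the post-DNAT destination: match server x and its real port,
# and only accept new connections that originate from the LAN.
-A FORWARD -s $lan -d $x_ip -p tcp --dport $x_port -m conntrack --ctstate NEW -j ACCEPT
-A FORWARD -p tcp -j LOG --log-prefix "FORWARD drop: "
COMMIT
EOF
}
```

A LOG rule in INPUT matching serverA_IP port 81 stays silent for this traffic because the DNAT in PREROUTING happens first; the FORWARD log line is the one to watch.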